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DETAILED ACTION 

This action is responsive to the application filed January 14, 2004. Claims 1-21 
are pending. Claims 1-21 represent a method and system for measuring remote- 
access VPN quality of service. 



Drawings 

1 . The informal drawings are not of sufficient quality to permit examination. 
Accordingly, replacement drawing sheets in compliance with 37 CFR 1.121 (d) are 
required in reply to this Office action. The replacement sheet(s) should be labeled 
"Replacement Sheet" in the page header (as per 37 CFR 1 .84(c)) so as not to obstruct 
any portion of the drawing figures. If the changes are not accepted by the examiner, the 
applicant will be notified and informed of any required corrective action in the next Office 
action. 

Applicant is given a TWO MONTH time period to submit new drawings in 
compliance with 37 CFR 1 .81 . Extensions of time may be obtained under the provisions 
of 37 CFR 1 .136(a). Failure to timely submit replacement drawing sheets will result in 
ABANDONMENT of the application. 



Claim Rejections - 35 USC § 101 
2. 35 U.S.C. 101 reads as follows: 
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Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claim 10 is rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. Claim 10 teaches a VPN client node, which is 
implemented on software, (paragraphs 5 and 6, specification). The specification does 
not point to a hardware or other statutory embodiment for the node. The idea that the 
node can be embodied fully in software makes the system software per se and non- 
statutory. 



Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Schuster et al., U.S. Patent No. 6,363,053, further in view of Weldon et al., U.S. Patent 
No. 2003/0198235. 



Schuster teaches the invention substantially as claimed including a method and 
apparatus for testing conformance to server level agreements in networks (see 
abstract). 
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As to claim 1 , Shuster teaches a method of measuring the quality of service 
provided to a remote-access user of a virtual private network, said virtual private 
network comprising a plurality of private network locations interconnected through a 
public data network, with the remote-access user including a VPN client device directly 
connected to said public data network, the method comprising the steps of: 

a) providing measurement software at a VPN client location (col. 1 1 , lines 45-54, 
VPN Quality of Service monitoring administered); 

b) collecting, at the VPN client location, VPN performance information (col. 12, 
lines 26-34, conformance testing method); 

e) analyzing the stored VPN performance information (col. 12, lines 26-34, 
comparison of collected QoS characteristics to QoS characteristics in the SLA); and 

f) generating a report measuring the quality of service as defined by the analysis 
of the stored service information (col. 12, lines 32-37, a report generated indicating the 
level of conformance to the SLA). 

Schuster does not explicitly teach c) uploading the collected VPN performance 
information to a centralized server connected between the VPN and said public data 
network and d) filtering, normalizing and storing the uploaded VPN performance 
information at the centralized server. 

However, Weldon teaches collection of service level agreement statistics in 
communication networks and especially VPNs (see abstract). Weldon teaches the use 
of aggregating probe data and uploading it to a server (paragraph 50). 
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It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify Schuster in view of Weldon to upload the collected VPN 
performance information to a centralized server connected between the VPN and said 
public data network and filtering, normalizing and storing the uploaded VPN 
performance information at the centralized server. One would be motivated to do so 
because it allows for convenient review by customers of the VPN (paragraph 50). 

Regarding claim 2, Weldon teaches the method as defined in claim 1 wherein the 
method further comprises the step of performing any required VPN service maintenance 
actions to correct communication problems included in the generated report (fig. 6, 
paragraphs 64, 65). 

Regarding claim 3, Schuster teaches the method as defined in claim 1 wherein 
step b) comprises the collection of: the date and time of each VPN connection attempt, 
the identity of the VPN server to which the VPN client is attempting to connect, any 
connection failure code, and disconnection reason code (col. 13, lines 17-29). 

Regarding claim 4, Weldon teaches the method as defined in claim 1 wherein in 
step b) comprises the collection of information related to VPN accessibility, VPN 
sustainability and VPN availability (paragraph 36). 
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Regarding claim 5, Schuster teaches the method as defined in claim 1 wherein 
the method is utilized for a plurality of separate remote-access VPN client devices, the 
steps of analyzing and generating then based on data collected from the plurality of 
separate remote-access VPN client devices (col. 11, lines 45-54). 

Regarding claim 6, Schuster teaches the method as defined in claim 5 wherein at 
least one remote-access VPN client device comprises a persistent location VPN client 
device (col. 1 1 , lines 45-58). 

Regarding claim 7, Schuster teaches the method as defined in claim 5 wherein at 
least one remote-access VPN client device comprises a transient location VPN client 
device (col. 1 1 , lines 45-58). 

Regarding claim 8, Schuster teaches the method as defined in claim 5 wherein 
step f) includes the generation of an aggregate report based on the performance of the 
plurality of separate remote-access VPN client devices (col. 12, lines 26-37). 

Regarding claim 9, Schuster and Weldon teach the method as defined in claim 1 
wherein the collecting of step b) further comprises collecting information such as: link 
type, session duration, IP port identity, type of VPN protocol, type of VPN encryption, 
identity of network nodes traversed between the VPN client and VPN server (Schuster, 
col. 12, 13, Weldon, paragraphs 36-50). 
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As to claim 10, Schuster teaches a VPN client node for providing access to a 
VPN remotely located from a user, the VPN client node comprising 

encryption/decryption elements for providing secure communication between the 
remotely located VPN client and a public data network, said public data network also 
coupled to said VPN (col. 11, lines 45-61); and 

a quality measurement element associated with said VPN client node, said 
quality measurement element for collecting VPN client performance information (col. 12, 
lines 26-34). 

Schuster fails to teach the limitation further including uploading the collected 
information to a server located in the data communication network. 

However, Weldon teaches the use of aggregating probe data and uploading it to 
a server (paragraph 50). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify Schuster in view of Weldon to upload the collected information to a 
server located in the data communication network. One would be motivated to do so 
because it allows for convenient review by customers of the VPN (paragraph 50). 

Regarding claim 1 1 , Schuster teaches a VPN client node as defined in claim 10 
wherein the node is a persistent location, including at least one client user device and a 
VPN gateway coupling the at least one client node to the data network, wherein the 
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quality measurement element is located at the VPN gateway (col. 1 1 , line 45 - col. 12, 
line 25). 

Regarding claim 12, Schuster teaches a VPN client node as defined in claim 10 
wherein the node is a transient, on-demand location with the quality measurement 
element co-located with the VPN client device (col. 1 1 , line 45 - col. 12, line 25). 

Regarding claim 14, Weldon teaches a VPN client node as defined in claim 10 
wherein said client node further comprises an upload feature for transmitting the VPN 
service information collected by the quality measurement element to a centralized 
server within the VPN (paragraph 50). 

Regarding claim 18, Schuster teaches a VPN centralized network server as 
defined in claim 16 wherein the server is capable of receiving connect/disconnect 
information from a plurality of separately located remote-access VPN client devices (col. 
13, lines 15-29). 

Claims 13, 15-17, and 19-21 do not teach or define any new limitations above 
claims 1, 3, 4, 6-9 and therefore are rejected for similar reasons. 
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Conclusion 

5. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

U.S. Pat. Pub. No. 2005/0088977 to Roch et al., because it discloses a dynamic 
VPN tunnel quality of service treatment. 

U.S. Pat. Pub. No. 2005/0193103 to Drabik, because it discloses a method and 
apparatus for automatic configuration and management of a virtual private network. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to AVI GOLD whose telephone number is (571)272-4002. 
The examiner can normally be reached on M-F 8:00-5:30 (1st Friday Off). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ario Etienne can be reached on 571-272-4001 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/A. G.I 

Examiner, Art Unit 2157 



/Ario Etienne/ 

Supervisory Patent Examiner, Art Unit 2157 



